Size: 75.1 GB
Who Should Attend FOR500?
- Information security professionals who want to learn the in-depth concepts of Windows digital forensics investigations
- Incident response team members who need to use deep-dive digital forensics to help solve their Windows data breach and intrusion cases and perform damage assessments
- Law enforcement officers, federal agents, and detectives who want to become deep subject-matter experts on digital forensics for Windows-based operating systems
- Media exploitation analysts who need to master tactical exploitation and Document and Media Exploitation (DOMEX)
- Anyone interested in a deep understanding of Windows forensics who has a background in information systems, information security, and computers
FOR500: Windows Forensic Analysis will teach you to:
- Conduct in-depth forensic analysis of Windows operating systems and media exploitation on Windows 7, Windows 8/8.1, Windows 10, and Windows Server products.
- Identify artifact and evidence locations to answer crucial questions, including application execution, file access, data theft, external device usage, cloud services, device geolocation, file download, anti-forensics, and detailed system and user activity.
- Become tool-agnostic by focusing your capabilities on analysis instead of how to use a particular tool.
- Extract critical answers and build an in-house forensic capability via a variety of free, open-source, and commercial tools provided within the SANS Windows SIFT Workstation.